Hey folks,
I'm looking once again at trying to make sense of fail2ban's
documentation, with the goal of configuring fail2ban to *remotely* tell
my separate firewall box (a Ubiquiti EdgeRouter running Shorewall) to
drop addresses that attempt to abuse or attack mail or ssh ports. The
fail2ban example shorewall.conf file RECOMMENDS changing BLACKLIST from
the default "NEW,INVALID,UNTRACKED" to "ALL" in order to let it close
existing connections from hostile hosts.
Are there any *non-obvious* side effects of this change that I should be
aware of?
--
Phil Stracchino
Babylon Communications
[email protected]
[email protected]
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
